Why do sites that I’ve enabled passkey on still hold my asterisked password?

I may be corrected by support.
I agree with you exactly that passkeys should replace the password.
You would expect once you create a passkey it would replace your password and 2fa codes, but there still might be a need for hardware security keys in some cases.
Does not look like that is gonna happen for sometime.
So I just add the passkey where I can, but leaving everything as is for now (like we have a choice).

Explained
On some websites you can turn off 2fa after creating a passkey, but I would still keep that stuff enabled for now, because until the website says your passkey can replace that stuff you might be lowering your security, because of too many options!
This means a person might have the same options at a public library etc.
.
Besides the private vs public key term, using your passkey to sign in is going to be secure from your device, because it can recognize a phishing website just like a hardware security key, but if you disable 2fa a person still has the option to try just your password it seems.
I do agree with your thoughts 100%.